Empirical Analysis of Cryptographic Handshake Delays in Secure Web Communication

Abstract

The paper examines the performance overhead of the process of completing an SSL/TLS handshake in contemporary web-based contexts by what quantifiable delay different cryptography-related settings impose. The study involves a custom-made passive monitoring framework to study the latency of handshake with different cypher suites, certificate chain, elliptic curve algorithms, and varying network conditions. It is analysed on 120 distributed test endpoints on AWS, Azure, and Google Cloud platforms, and both HTTP/2 and QUIC protocols are tested. Findings reveal that the latency of handshakes is nearly proportional to the depth of the certificate chain and the cryptographic complexity, so that handshakes based on RSA-4096 were 2.3 times later in comparison with handshakes based on ECDHE-RSA-P256. The mechanisms of optimization like TLS 1.3 session resumption, 0-RTT early data, and caching of certificates decreased the overall connexion set up times by up to 40 per cent on average. The empirical evidence of this research informs developers and security architects to modify the cryptographic strength and low-latency in web-scale secure communication systems.